Accueil Explorer Aide
S'inscrire Connexion
wareck
/
krackattacks
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Parcourir la source

OpenSSL: Drop support for OpenSSL 0.9.8

The OpenSSL project will not support version 0.9.8 anymore. As there
won't be even security fixes for this branch, it is not really safe to
continue using 0.9.8 and we might as well drop support for it to allow
cleaning up the conditional source code blocks.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen il y a 9 ans
Parent
9353f07f3b
commit
de213e84e0
2 fichiers modifiés avec 0 ajouts et 31 suppressions
Vue séparée Afficher les stats Diff
  1. 0 18
      src/crypto/crypto_openssl.c
  2. 0 13
      src/crypto/tls_openssl.c

+ 0 - 18
src/crypto/crypto_openssl.c
Voir le fichier 

@@ -772,14 +772,10 @@ struct crypto_hash * crypto_hash_init(enum crypto_hash_alg alg, const u8 *key,
 
 #else
 
 	HMAC_CTX_init(&ctx->ctx);
 
 
-#if OPENSSL_VERSION_NUMBER < 0x00909000
 
-	HMAC_Init_ex(&ctx->ctx, key, key_len, md, NULL);
 
-#else /* openssl < 0.9.9 */
 
 	if (HMAC_Init_ex(&ctx->ctx, key, key_len, md, NULL) != 1) {
 
 		bin_clear_free(ctx, sizeof(*ctx));
 
 		return NULL;
 
 	}
 
-#endif /* openssl < 0.9.9 */
 
 #endif
 
 
 	return ctx;
 
@@ -819,12 +815,7 @@ int crypto_hash_finish(struct crypto_hash *ctx, u8 *mac, size_t *len)
 
 	res = HMAC_Final(ctx->ctx, mac, &mdlen);
 
 	HMAC_CTX_free(ctx->ctx);
 
 #else
 
-#if OPENSSL_VERSION_NUMBER < 0x00909000
 
-	HMAC_Final(&ctx->ctx, mac, &mdlen);
 
-	res = 1;
 
-#else /* openssl < 0.9.9 */
 
 	res = HMAC_Final(&ctx->ctx, mac, &mdlen);
 
-#endif /* openssl < 0.9.9 */
 
 	HMAC_CTX_cleanup(&ctx->ctx);
 
 #endif
 
 	bin_clear_free(ctx, sizeof(*ctx));
 
@@ -875,22 +866,13 @@ done:
 
 		return -1;
 
 
 	HMAC_CTX_init(&ctx);
 
-#if OPENSSL_VERSION_NUMBER < 0x00909000
 
-	HMAC_Init_ex(&ctx, key, key_len, type, NULL);
 
-#else /* openssl < 0.9.9 */
 
 	if (HMAC_Init_ex(&ctx, key, key_len, type, NULL) != 1)
 
 		return -1;
 
-#endif /* openssl < 0.9.9 */
 
 
 	for (i = 0; i < num_elem; i++)
 
 		HMAC_Update(&ctx, addr[i], len[i]);
 
 
-#if OPENSSL_VERSION_NUMBER < 0x00909000
 
-	HMAC_Final(&ctx, mac, &mdlen);
 
-	res = 1;
 
-#else /* openssl < 0.9.9 */
 
 	res = HMAC_Final(&ctx, mac, &mdlen);
 
-#endif /* openssl < 0.9.9 */
 
 	HMAC_CTX_cleanup(&ctx);
 
 
 	return res == 1 ? 0 : -1;

+ 0 - 13
src/crypto/tls_openssl.c
Voir le fichier 

@@ -37,13 +37,6 @@
 
 #include "tls.h"
 
 #include "tls_openssl.h"
 
 
-#if OPENSSL_VERSION_NUMBER < 0x10000000L
 
-/* ERR_remove_thread_state replaces ERR_remove_state and the latter is
 
- * deprecated. However, OpenSSL 0.9.8 doesn't include
 
- * ERR_remove_thread_state. */
 
-#define ERR_remove_thread_state(tid) ERR_remove_state(0)
 
-#endif
 
-
 
 #if defined(OPENSSL_IS_BORINGSSL)
 
 /* stack_index_t is the return type of OpenSSL's sk_XXX_num() functions. */
 
 typedef size_t stack_index_t;
 
@@ -2972,17 +2965,11 @@ static int openssl_get_keyblock_size(SSL *ssl)
 
 		return -1;
 
 
 	c = ssl->enc_read_ctx->cipher;
 
-#if OPENSSL_VERSION_NUMBER >= 0x00909000L
 
 	h = EVP_MD_CTX_md(ssl->read_hash);
 
-#else
 
-	h = ssl->read_hash;
 
-#endif
 
 	if (h)
 
 		md_size = EVP_MD_size(h);
 
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
 
 	else if (ssl->s3)
 
 		md_size = ssl->s3->tmp.new_mac_secret_size;
 
-#endif
 
 	else
 
 		return -1;